3 min Security

Microsoft: AI will lead to a lot more fixes on Patch Tuesdays

Microsoft: AI will lead to a lot more fixes on Patch Tuesdays

Microsoft has warned that the number of security updates will increase significantly. The reason is that Microsoft can detect vulnerabilities faster with AI, which means it has to develop more patches. The flip side is that AI can also be used by malicious actors to find vulnerabilities, which means Microsoft simply has to patch faster.

System administrators will therefore have their hands full, as they’ll need to roll out more patches during the monthly Patch Tuesdays. That’s according to Pavan Davuluri, executive vice president of Windows + Devices at Microsoft. He says it’s good news that Microsoft is using AI to find vulnerabilities, because this leads to more flaws being discovered and makes it harder for attackers to exploit them.

Microsoft therefore advises customers to invest in the company’s automated patching tools. According to Davuluri, those who use them will be able to keep up with the increasing volume of updates. Of course, that argument works well for Microsoft from a commercial standpoint.

At the same time, the entire industry is transitioning toward greater use of AI, including malicious actors. The question is whether, as more and more vulnerabilities are discovered and can be exploited more quickly, a monthly patch cycle is sufficient for Microsoft. Shouldn’t that pace be increased as well? That question remains unanswered.

How MDASH detects vulnerabilities

Central to the approach is a tool that Microsoft calls the multi-model agentic scanning harness (MDASH). The system combines multiple AI models, including external models specialized in finding vulnerabilities. Microsoft has its key solutions checked by MDASH and has the various AI models work together to produce results. A specific AI agent has also been developed to filter out false positives, and only then are the findings sent to the engineering team.

The numbers show that MDASH delivers results. In May 2026, the system identified sixteen new vulnerabilities in the network and authentication layers of Windows, including critical RCE vulnerabilities in the TCP/IP stack and the IKEv2 service. In a later blog post, Microsoft revealed that MDASH is now also being applied to Hyper-V, Active Directory, and the Windows kernel.

Record number of patches

The impact on Patch Tuesday is noticeable. The June 2026 Patch Tuesday included 206 vulnerabilities, including three publicly known zero-days. This was the first time Microsoft exceeded the 200 CVE mark in a single release. By comparison, the July 2025 Patch Tuesday only reached 137 vulnerabilities. The growth is therefore substantial.

Microsoft isn’t alone. Oracle recently announced that, thanks to AI-powered bug finders, it is adding a monthly critical patch cycle to its existing quarterly service.